National Guard looks to private sector for cyber expertise
The Maryland National Guard wants to work with the cybersecurity industry to jointly recruit online warriors who could be activated for military duty in place at their civilian employers, the head of the state’s Air National Guard Cyber Operations Group said.
Col. Shawn Bratton, commander of the 175th Wing, told a Capitol Hill briefing recently that most of the 300 people under his command work in the cybersecurity industry. National Guard service members typically retain their full-time jobs in civilian life, and Bratton said that his operators would be a perfect fit for cybersecurity firms.
“In some cases, I’ll spend three years training an operator before I put him on mission,” Bratton said. “These operators receive the best that the Air Force and U.S. Cyber Command have to offer. They have a security clearance, access to intelligence and relationships across the DOD’s cyber portfolio.”
Hiring workers who wear two hats would be a force multiplier, he told the briefing on power grid cybersecurity, organized by the Lexington Institute.
“Imagine if this operator, my operator, is also working within industry or a state agency. Imagine if she worked, for instance, as a cybersecurity professional in the power industry. In some cases this does happen today, but it happens by accident.
“We should do this deliberately,” he said, urging companies to seek out members of the national guard and hire them.
“Even better,” he added, “We should recruit and hire them jointly. I’ll take them, train them, ensure they can hold a security clearance. I’ll make them then best in the world at cyber operations. Industry should hire them, allow them to attend training, from time to time release them for … [military] operations.”
Bratton said for his proposal to work, new policies would be needed to allow such dual hatting.
“In a given situation, my members should be able to convert in place from citizen to soldier or airman,” he said.
Sharing information would be a lot easier, “if the human in the loop works for both of us,” he pointed out. “My personnel tend to remain in place for long periods of time,” he said. That is important, he explained, because when it comes to cyber defense, “familiarity with [network] terrain is key.”
Partly for that reason, “I cannot imagine any company inviting us into their proprietary network,” even during a national crisis. “A far more likely and valuable contribution could be in the advise and assist role,” he concluded.
Watch Bratton’s talk here.